The bigger threat is the National Security Agency: Despite Heart Bleed, the Internet’s Alive and Well!
By Alfredo Lopez
Some are calling it a "worst nightmare". There have been dire predictions that it represents the end of the Internet or that there is, in fact, no real Internet security or that Free and Open Source Software is dangerous to use.
One thing is sure. The week-old saga of the Heart Bleed flaw (or bug) and its potential exploits has shown more light on the Internet and its security issues than anything else in recent memory.
Like so much coverage of these security issues, however, this outcry is misdirected. In reality, the flaw gives us an excellent example of how the Internet works when it's at its best. How Free and Open Source software is developed, how prominent and important it is, how well its development system works and why security is, in fact, simple and possible.
It also shows how our government doesn't care about our security: ignoring major threats to the Internet and then apparently exploiting them to spy on us -- for as much as two years.
These are valuable lessons demanding that we understand what really happened.
The Heart Bleed flaw affects servers -- the machines that operate your Internet services: store websites, serve email and do whatever you need the Internet to do. It won't directly expose the storage or memory of your personal or home computer.
It is a flaw in the code of a library of programs called "openssl", the most popular programs for Internet encryption and security. Openssl works on most on-line credit card transactions, encrypted email, encrypted chat -- anything you do on-line securely. That ubiquity affects us all because we all, at one time or another, communicate with a server using openssl and many of us do that very often.
The flaw affects the RAM (random access memory) of a server. RAM is not disk storage...
For the rest of this article by ALFREDO LOPEZ in ThisCantBeHappening!, the new uncompromising four-time Project Censored Award-winning online alternative newspaper, please go to:www.thiscantbehappening.net/